Here’s a collection of recent security vulnerabilities and alerts, which covers a new Java update, the release of a Windows login bypass tool, multiple vulnerabilities in CUPS that can lead to DoS attacks, and details of the upcoming Patch Tuesday.
- New Java update fixes security vulnerabilities
Java 6 Update 5 has just been released, which plugs multiple security vulnerabilities. Unfortunately, no exact details have been disclosed by Sun pertaining to them.
Because the Java installer does not automatically uninstall previous versions after installation of a newer one, users should manually remove the vulnerable versions after installation. You might also note that no Java Control Panel will appear after installing the 32-bit JRE on a 64-bit Windows Vista system, though there are possible workarounds.
- Windows login bypass tool released
Security guru Adam Boileau has made his winlockpwn tool available for download.
First presented more than two years ago, the tool makes it possible to bypass the Windows login via a FireWire port even if you don’t know the Windows password. At the moment, the tool supports Windows XP with SP2 as the target system, though there are reports of a Vista attack being successful using a slightly modified version.
The attack still works because Microsoft does not view the FireWire DMA vector exploited by the tool as a security problem since it’s part of the IEEE-1394 specification. Indeed, direct memory access is essentially independent of the operating system, hence Linux and Mac OS X are also susceptible.
In an ominous sign of things to come, there are reports that plugging a CardBus FireWire card into a laptop without FireWire and waiting for it to auto-install while at the locked screen is sufficient to use winlockpwn successfully.
You can visit the project page or check out the presentation: Hit by a bus: Physical access attacks with FireWire (PDF).
- CUPS vulnerable to remote DoS
CUPS is prone to two remote denial-of-service vulnerabilities. It’s possible for attackers to exploit the vulnerabilities to crash the application. Remote code execution may also be possible but has not been confirmed.
Versions 1.1.17 and 1.1.22 of CUPS are known to be vulnerable, though other versions may also be affected. There are no known working exploits for these issues at the moment.
- Patch Tuesday: An all-Office roundup
There are four bulletins from Microsoft for the upcoming Patch Tuesday tomorrow, each of them concerning critical vulnerabilities spread across different versions of Microsoft Office.
- The first patch is for Excel and is rated critical for Excel 2000 SP3 and important for all other versions of Excel.
- The second patch is critical for the following versions of Outlook: Outlook 2000 SP3, Outlook 2002 SP3, Outlook 2003 SP2 and SP3, and Outlook 2007. It does not affect Office 2007 SP1.
- The third patch is critical only for Microsoft Office 2000 SP3.
- The final patch planned for this month’s batch is rated critical for Microsoft Office Web Components 2000.
Kudos to you if you don’t use Microsoft Office — though just what are the chances of that anyway?